Zeus Botnets Crippled Following Takedown of ISP
The Zeus botnets have been hit with the sudden takedown of their C&C server, continuing the ongoing practice of taking down highly sinister cyber-operations.
The sudden vanishing of the Zeus botnets' C&C (command-and-control) server on March 9, 2010 prompted praise from security researchers, but left them wondering what caused the unexpected shutdown.
According to security researchers at Cisco, the ISP Troyak dropped out of sight on March 9, 2010. Although registered in Kazakhstan, Troyak had a network that indicated it was possibly co-located with a facility inside Russia or Ukraine, as reported by Networkworld.com on March 10, 2010.
While tracking the C&C mechanism of Troyak.org, the researchers felt that it had been carrying approximately 25% of all traffic from the Zeus botnets.
Notably, a Zeus botnet consists of a malware payload planted on numerous PCs globally, frequently via fake anti-malware software as well as attacks against social networks. Computers contaminated with Zeus take instructions from a C&C server. Commonly, the bot is designed to steal login credentials, particularly those for online banking.
Commenting on this problem, Public Relations Officer for Cisco, Erin Lockhart, stated that his organization was glad to find the network taken down. Although the numerous victims of the Zeus controllers were still contaminated with the malware, their computers could no longer communicate with the botnet, which meant that there was little chance of further data theft. The criminals also would not be able to access the already stolen data until their Kazakhstan servers were restored, Lockhart explained, as reported by pcmag.com on March 10, 2010.
Security researchers Mary Landesman of ScanSafe and Henry Stern of Cisco said that the shutdown might not affect numbers in the long run. Still, pressuring legitimate hosting organizations to sever connections with malicious ISPs and botnet controllers was likely to be highly worthwhile as far as combating cyber-crime was concerned, as reported by v3.co.uk on March 11, 2010.
Stern explained that a bot was extremely cheap, while a server or router was highly expensive.
Finally, the recent shutdown happened within just seven days of the U.S. and Spanish authorities cutting down the size of the Mariposa botnet, which is regarded as the largest botnet worldwide.
» SPAMfighter News - 20-03-2010